In 2016, hackers launched emails from the National Democratic Committee that they accessed after using a targeted attack against Hillary Clinton's campaign manager. Area 1, a security company that specializes in phishing defense, says they discovered a network of fake websites used by G.R.U., a Russian military intelligence unit, created to attack Burisma's subsidiaries. Security researcher Kyle Ehmke celebrated Some of the suspicious domains in December.
Relevant hosting IP:
91,132,139 (.) 155
184.164.139 (.) 238
94,158,245 (.) 28
185,174,174 (.) 34
Also the mail server mail.kvatral95 (.) Com is hosted on a probable dedicated server at 45.89.175 (.) 235. (2/6) pic.twitter.com/2FTcavbhxh
– Kyle Ehmke (@kyleehmke) December 16, 2019
They then sent emails to company employees with links to their fake pages, created as replicas of internal websites so they could collect their logins and use them to access their servers.
Experts speculate that the scheme was looking for information to use against Biden, a potential candidate for the Democratic party in this year's presidential elections. The scope of the "electoral security" efforts will continue to expand this year, and it seems that the same kind of tricks that government agencies and others have pointed out will continue again.